com.caucho.server.security
Class PermitEmptyRolesConstraint

java.lang.Object
  extended by com.caucho.server.security.AbstractConstraint
      extended by com.caucho.server.security.PermitEmptyRolesConstraint

public class PermitEmptyRolesConstraint
extends AbstractConstraint


Constructor Summary
PermitEmptyRolesConstraint(boolean permit)
           
 
Method Summary
 AuthorizationResult isAuthorized(HttpServletRequest request, HttpServletResponse response, ServletContext application)
          Returns true if the user is authorized for the resource.
 
Methods inherited from class com.caucho.server.security.AbstractConstraint
isPrivateCache, needsAuthentication, toArray
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PermitEmptyRolesConstraint

public PermitEmptyRolesConstraint(boolean permit)
Method Detail

isAuthorized

public AuthorizationResult isAuthorized(HttpServletRequest request,
                                        HttpServletResponse response,
                                        ServletContext application)
                                 throws ServletException,
                                        java.io.IOException
Description copied from class: AbstractConstraint
Returns true if the user is authorized for the resource.

isAuthorized must provide the response if the user is not authorized. Typically this will just call sendError.

isAuthorized will be called after all the other filters, but before the servlet.service().

Specified by:
isAuthorized in class AbstractConstraint
Parameters:
request - the servlet request
response - the servlet response
Returns:
true if the request is authorized.
Throws:
ServletException
java.io.IOException